The second quarter of 2026 was a record-breaking period for hacks in the crypto industry: 83 incidents and $755 million in damages.

The second quarter of 2026 went down in crypto industry history as the most "hacker-heavy" period: analysts recorded 83 protocol hacks—an absolute record in terms of the number of incidents. The total damage amounted to $755.3 million, which, however, is not an all-time high in terms of loss volume.
The largest attacks of the quarter were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit for $280 million. In the cross-chain bridge segment, losses reached $351 million, with 38% of that amount attributed to the incident involving the LayerZero OFT bridge, which was linked to the attack on KelpDAO. Another 37% of losses were caused by compromised administrative access and token price manipulation. Theft of private keys accounted for only 5.66% of the total volume.
Despite the record number of incidents, this quarter was not the most expensive in terms of loss volume. The record is still held by the fourth quarter of 2020, with $3.56 billion in damages. This indicates a fundamental shift in the structure of attacks: instead of a few giant exploits, we are seeing a constant stream of smaller but more frequent incidents.
The reason for this trend lies in the decline of the ecosystem's overall liquidity. The total value locked (TVL) has decreased from $164 billion to approximately $73 billion, making large targets less attractive to hackers. However, this does not reduce risks: the gap between the speed of protocol development and the maturity of their risk management systems is becoming increasingly apparent. For example, some projects use a "three out of six" multi-signature scheme but store three keys on a single laptop—a gross mistake that makes the system vulnerable.
In May, THORChain developers confirmed a hack of the cross-chain protocol for $10 million, after which they suspended the platform's operations. On June 8, unknown parties compromised wallets associated with Humanity Protocol, causing damage of approximately $31 million.
Expert opinion. The record number of hacks amid a decline in average damage is an alarming signal for the industry. Hackers are adapting to market conditions, focusing on less protected but more numerous targets. This requires projects not only to raise security standards but also to implement stricter risk management practices, especially in the areas of key storage and access control.